This type of scam is similar to the Nigerian email fraud. The idea is the same – fraudsters promise recipients the Moon trying to get access to their bank accounts or make them pay ‘initial expenses’.
Generally, the sum purportedly ‘won’ is over $500,000. The initial sum requested from the recipient of the email is a very small fraction when compared to the amount that they have ‘won’. The fraudsters usually ask for between several hundred and several thousand dollars on some pretext or other – this may be commission for the money transfer, a tax, the necessity to open a bank account, etc.
Unfortunately, very few ‘lucky winners’ are bothered by the fact that they never participated in the lottery in which they supposedly won these millions of Dollars. Fraudsters often don’t even bother to create a fake site for their lottery and it doesn’t occur to the naive ‘winner’ that notifications from a genuine lottery organizer will never be sent from a free email server. Neither will they be sent from addresses that look like random sequences (for example, email@example.com).
Generally fake notifications ask a recipient to keep this information confidential (‘To avoid duplicate claims, you are advised to keep all winning lottery information and numbers private, in line with our company’s security protocol).
Before taking action to claim their prize, the ‘winners’ should pause for a moment and try to answer the following questions:
- Have you participated in this lottery? If not, then you are most likely being targeted by conmen.
- Have you been asked to pay money on some pretext or other? All legitimate lottery websites contain information stressing that no initial payments are required in order to receive a prize that is due to you.
- What address is shown in the From field? A legitimate lottery notification would never be sent from msn.com, hotmail.com, netscape.net, yahoo.com and other similar email hosts.
As per the Nigerian email fraud, fake notifications of lottery wins are mostly English-language messages, though there are also messages in French, German, Spanish and other languages, usually in the same format, with the text in these messages having been translated from the English-language originals using an online translator.
There are also Russian-language versions of such messages, but they are very rare.
An example of a fake English-language lottery notification
An example of a fake Russian-language lottery notification
The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts. Read Full Article
It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article
On Monday, Jan 29th, IRS officially opened its 2018 season. Right after two days of the opening, we got phishing messages with a fake refund status websites. Read Full Article
This time of year is an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. Read Full Article
Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article
In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article
In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article
The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry. Read Full Article
In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research demonstrated, this was just part of a bigger story that began much earlier and is unlikely to end any time soon. Read Full Article
Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies. Read Full Article